Trend Micro security researchers have announced the finding of MagikPOS, a point of sale malware known to attack businesses across the world.

According to them, this malware has been around since January this year, and over 23,000 credit cards across US and Canada have had their information exposed to criminals in the process. It is believed that this malware will continue to make the rounds in North America, although an international expansion is not unlikely either.

This particular type of malware has researchers concerned, even though it is not exactly unique. Several similar types of malware have been discovered in recent months, all of which attempt to steal credit card data from point of sale devices. However, one big difference is how MagikPOS is deployed in an entirely different fashion. All victims who suffer from an attack by this malware are mapped out in advance, indicating the criminals behind MagikPOS carefully select their targets before making a move.

Interestingly enough, the MagikPOS malware is not distributed through physical access to the point of sale devices in question. Instead, the developers distribute it after they successfully infiltrate computer systems with a remote access trojan. So far, all of the victims have had such a RAT compromise their systems between August and November of 2016. Each of these remote access trojans helps the criminals in determining whether or not their chosen target is worth exploiting further.

Assuming the victim is a valuable target, the criminals then proceed to use a mix of different tools to get MagikPOS into the computer systems. So far, they have used a mix of remote desktop connection and FTP tools to install the malware itself. Finding a system that can be exploited without compromising the payload is the number one objective, albeit it is easier said than done. So far over 23,000 credit cards having their information extracted due to this malware.

To be more specific, the malware extracts track data from every individual payment card it can access. This information includes the PIN code, allowing the criminals to sell this information on the darknet as so-called “credit card dumps”. Researchers believe all major card issuers are vulnerable to this malware, including American Express and Diners Club. This type of information can fetch a good price on the darknet, especially when it contains all of the necessary information to make a clone of the original credit card.

For the time being, it remains unclear who might be responsible for creating the MagikPOS malware. Considering how it is written in the .NET programming language – which is extremely rare among malware authors – it is likely researchers have never dealt with this adversary before. However, this does not mean the coders created a bug-free solution either. Further research is needed to determine whether or not a solution can be found to counter this malware altogether.

DISCLAIMERS:-
1) Justransact aims at reaching out all the quality hardware & software products as listed in the portal to the benefit of its esteemed users. In this endeavor, if any Manufacturer/Authorized Distributor/Software vendor/Solution provider or any entity directly related to these products in a responsible capacity have any objection to the Product/Content/Pricing/Collaterals (Brochure/Video) & any other aspect, kindly represent the same in writing to us at redressal@justransact.com for necessary action thereon.

2) Justransact has provided all the Information/Pricing/Content/Collaterals (Brochure/Video) in the portal with all necessary diligence & utmost care. However if the information provided still does not fulfill these requisites in any form/lacks credibility or misleading in any way to our users or stakeholders, we would request you to share such information in writing to us at redressal@justransact.com for necessary correction/changes as may be required. However Justransact does not take any responsibility for any result arising out of this inadvertent error.

4) The Warranty & After sales service for the Hardware & software products listed in Justransact would be provided by the respective Manufacturer/Company authorized Partner in India only as per their standard norms. Accordingly the Warranty/After sales service period, policies, terms & conditions of all products listed vary from each Brand/Manufacturer/Company authorized partner as the case may be. Kindly verify the same with us before placing your order to avoid any confusion arising out of this on a later stage.